Monsoon: Policy-Based Hybrid Cloud Management for Enterprises

Monsoon: Policy-Based Hybrid Cloud Management for Enterprises

Monsoon: Policy-Based Hybrid Cloud Management for Enterprises Shi Xing Yan, Bu Sung Lee, Guopeng Zhao, Chunqing Chen, Ding Ma, Peer Mohamed HP Laboratories HPL-2012-137 Keyword(s): Cloud Management; hybrid cloud; Abstract: Cloud Computing has become more and more prevalent over the past few years, and we have seen the emergence of Infrastructure-as-a-Service (IaaS) which is the most acceptable Cloud Computing service model. However, coupled with the opportunities and benefits brought by IaaS, the adoption of IaaS also faces management complexity in the hybrid cloud environment which enterprise users are mostly building up. A cloud management system, Monsoon proposed in this paper provides enterprise users an interface and portal to manage the cloud infrastructures from multiple public and private cloud service providers. To meet the requirements of the enterprise users, Monsoon has key components such as user management, access control, reporting and analytic tools, corporate account/role management, and policy implementation engine. Corporate Account module supports enterprise users? subscription and management of multi-level accounts in a hybrid cloud which may consist of multiple public cloud service providers and private cloud. Policy Implementation Engine module allows users to define the geography-based requirements, security level, government regulations and corporate policies and enforces these policies to all the subscription and deployment of user's cloud infrastructure. External Posting Date: June 28, 2012 [Fulltext] Approved for External Publication Internal Posting Date: June 28, 2012 [Fulltext] Copyright 2012 Hewlett-Packard Development Company, L.P. Monsoon: Policy-Based Hybrid Cloud Management for Enterprises Shi Xing Yan*, Bu Sung Lee*^, Guopeng Zhao*, Chunqing Chen*, Ding Ma*, Peer Mohamed* *HP Labs Singapore ^School of Computer Engineering 1 Fusionopolis Way Nanyang Technological University Singapore 138632 Singapore 639798 {shixing.yan, francis.lee, guopeng.zhao, chunqing.chen, dingm, peer.mohamed}@hp.com Abstract— Cloud Computing has become more and more standards, provides a packaging standard designed to address prevalent over the past few years, and we have seen the the portability and deployment of virtual appliances [1]. From emergence of Infrastructure-as-a-Service (IaaS) which is the OVF’s successful story of being adopted by ANSI [2], we can most acceptable Cloud Computing service model. However, see that industry users need interoperability and portability in coupled with the opportunities and benefits brought by IaaS, the the cloud computing era. adoption of IaaS also faces management complexity in the hybrid cloud environment which enterprise users are mostly building The lack of standards for configuration and management of up. A cloud management system, Monsoon proposed in this cloud services is still a major obstacle on the road for the paper provides enterprise users an interface and portal to companies who are considering the adoption of IaaS, because manage the cloud infrastructures from multiple public and the enterprise users may need to manage a hybrid cloud private cloud service providers. To meet the requirements of the environment which includes both private cloud and public enterprise users, Monsoon has key components such as user cloud. Since each IaaS service provider has similar provision of management, access control, reporting and analytic tools, cloud computing service, it is possible to design a generic corporate account/role management, and policy implementation model for each category of service. We have proposed a engine. Corporate Account module supports enterprise users’ generic abstraction model of IaaS services to facilitate multi- subscription and management of multi-level accounts in a hybrid sourcing IaaS for increasing availability and security cloud which may consist of multiple public cloud service requirements [3]. This generic IaaS model abstracts the providers and private cloud. Policy Implementation Engine commonly used operations from existing key service providers, module allows users to define the geography-based requirements, security level, government regulations and corporate policies and and it has been designed with full coverage of functionalities to enforces these policies to all the subscription and deployment of satisfy IaaS users’ requirements. As part of the modeling of user’s cloud infrastructure. IaaS resources, we have defined core elements and attributes as well as extension to cover the additional services provided by different IaaS providers. A common interface has been I. INTRODUCTION developed with the implementation of the generic IaaS model Infrastructure-as-a-Service (IaaS) is one of the service in a model-based service integration environment, models of cloud computing which offers IT infrastructure Web2Exchange [4], and users can use this common interface to including compute, storage and network as a service. The cloud access and manage a shared pool of cloud infrastructure from infrastructure is provided to the users in a more scalable and multiple IaaS providers without need to be aware of the elastic way by IaaS providers through pay-per-use business different proprietary interfaces for difference service providers model. IaaS becomes extremely attractive to IT managers and [5]. CIO when it comes to outsourcing IT resources. CIO and IT Besides demanding the cloud infrastructure provide high managers see the possible benefits in terms of reducing capital availability and security for their business critical system, the cost, global accessibility and flexibility on top of other enterprise users will also need some more advanced features advantages. However, there are also many concerns such as for their cloud infrastructure management. For example, the vendor lock-in, security, availability, portability, etc. Many concept of Corporate Account is very appealing for enterprise cloud service providers in this emerging market, or more users because they can subscribe to cloud services and allocate specifically the majority of IaaS providers, are providing users in their organization to different roles. Although similar services with slightly different offerings, but the Corporate Account has been adopted widely by many proprietary APIs to each service are all different which stop the Software-as-a-Service (SaaS) providers to support multi- users switching from the service providers. Hence, the standard tenancy and organization, the major IaaS providers currently interfaces become crucial to address these issues to accelerate do not have implementation of Corporate Account in the the adoption of cloud computing. If we look at the exponential market. In this paper, we will first briefly describe our growth of Internet after the widely adoption of World Wide common interface for the management of hybrid cloud called Web (WWW) in 1990s, it is an interesting example showing unified IaaS proxy service in Section II. The IaaS proxy model the power and importance of standardization. DMTF Open and its implementation on Web2Exchange are covered in detail Virtualization Format (OVF), which is one of the pioneer cloud The preliminary version of this paper has been presented at 5th International DMTF Academic Alliance Workshop on Systems and Virtualization Management: Standards and the Cloud, October 2011. giving the generic entities of IaaS. In Section III, we will introduce Monsoon which provides a multi-tenant infrastructure management portal for hybrid cloud. In Section IV we will discuss the related work and current issues. Conclusions and future work are described in Section V. NIFIED AA ROXY II. U I S P A. Generic IaaS Model and Its Evolvement Figure 1. Modeling of Clusters Since each IaaS service provider has similar provision of cloud computing service, it is possible to design a generic B. Implemetation in Web2Exchange model by abstracting the commonly used operations from existing key service providers. The proposed service models Web2Exchange provides a model-based service integration are designed with full coverage of functionalities, which can environment to facilitate the service deployment, discovery, satisfy IaaS users’ requirements. and integrations. The models of services on Web2Exchange are described by Managed Object Format (MOF) which is a As previously proposed in [5], the generic IaaS model readable and writable syntax with extension of the DMTF CIM inherits from the model-based approach, and contains models meta-model [4]. In Web2Exchange the service developers can for both types and services. The type models provide necessary define service models directly in MOF or use source-code parameters as well as information about instances of types annotations to have Web2Exchange to define the service logic. which are exposed by a set of services during service invocations. Service models cater for basic functionalities We implemented our service models for IaaS as a unified which are required to fulfill operational requests IaaS Proxy in Web2Exchange [5]. The IaaS proxy provides a common interface to manage IaaS environments across public There are various types in the proposed IaaS model: clouds and private clouds, so the users only need to interface Resource type, such as compute, storage; Reflection type such with our IaaS proxy but not specific APIs from various IaaS as image and snapshot; and other types such as credential and providers as shown in Fig. 2. The IaaS proxy can be discovered firewall. A number of services

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    8 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us